List:       linux-kernel
Subject:    Re: [PATCH v2 1/3] x86/bugs: Only harden syscalls when needed
From:       Linus Torvalds <torvalds () linux-foundation ! org>
Date:       2024-04-15 15:47:48
Message-ID: CAHk-=wjXidMn6-gGFidXvm0=k_4m-rk5Pgs5HcrtkYKMHYA3xg () mail ! gmail ! com

On Mon, 15 Apr 2024 at 08:27, Nikolay Borisov <nik.borisov@suse.com> wrote:
>
> Same as with every issue - assess the problem and develop fixes.

No. Let's have at least all the infrastructure in place to be a bit proactive.

> Let's be honest, the indirect branches in the syscall handler aren't the
> biggest problem

Oh, they have been.

> it's the stacked LSMs.

Hopefully those will get fixed too.

There's a few other fairly reachable ones (the timer indirection ones
are much too close, and VFS file ops aren't entirely out of reach).

But maybe some day we'll be in a situation where it's actually fairly
hard to reach indirect kernel calls from untrusted user space.

The system call ones are pretty much always the first ones, though.

> And even if those get fixes
> chances are the security people will likely find some other avenue of
> attack, I think even now the attack is somewhat hard to pull off.

No disagreement about that. I think outright sw bugs are still the
99.9% thing. But let's learn from history instead of "assess the
problem" every time anew.

               Linus
